Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Multiple Issues [CLOSED]


  • This topic is locked This topic is locked

#1
The_Shadow_630

The_Shadow_630

    Member

  • Member
  • PipPipPip
  • 161 posts
OK, I have taken it upon myself to go through all the pre-post suggestions and have all the log files and other items from that process. The process has found and removed several various trojans, root kits, etc. However, as of now, the problem of lowered performance and of not being able to change the background of the desktop from a standard blue-green color still exists. Therefore, I am not at my wits end with regards to this computer and am looking to those much more talented and experienced than I.

Here is the HijacKThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:20:36 PM, on 5/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...de_srchlft.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.prideofth...sroadsband.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster...omeLeftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {32341E7E-C319-46DE-91D0-E30BB1A3CABA} - C:\WINDOWS\system32\cbXPghGy.dll (file missing)
O2 - BHO: (no name) - {75E5A0A1-919D-43A8-B900-F80EAFE7226B} - C:\WINDOWS\system32\ddcCVoLd.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1041r.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: Event Reminder.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-US\local\search.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Golden%20Hearts%20Juice%20Bar/Images/stg_drm.ocx
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatierControl Object) - http://www.shockwave...eb.1.0.0.13.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/...t/atomaders.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go...y/OTOYAX29b.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave...gwebinstall.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave...mjolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/...O1.cab60096.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.shockwave.../sis/axhost.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {988E213A-89C7-4C4E-B15F-5B7EDA2C34C0} (GenimoWebGames Control) - http://www.shockwave...amesControl.cab
O16 - DPF: {B0FB831D-17F6-4CBD-9B5D-3305881D362E} (LHGLauncherXForm Control) - http://www.shockwave...HLGLauncher.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.shockwave...esPlayer_v4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://www.shockwave...eb.1.0.0.10.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://www.shockwave...tg.1.0.0.33.cab
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} (CBankshotZoneCtrl Class) - http://zone.msn.com/...ol.cab56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Sally's%20Salon/Images/armhelper.ocx
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinn.../familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://www.shockwave...outLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.shockwave...inematycoon.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://www.shockwave...sh.1.0.0.47.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopet...v/GoPetsWeb.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: cbXPghGy - cbXPghGy.dll (file missing)
O20 - Winlogon Notify: __c00E0301 - C:\WINDOWS\system32\__c00E0301.dat (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13311 bytes


Here is the unistall list from HijackThis:

20,000 Recipes
3D Frog Frenzy
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.2
Advanced WindowsCare Personal
AIM 6
AIM Toolbar 5.0
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
avast! Antivirus
Barbie ® Riding Club
Big Fish Games Client
Cake Mania 2
Carmen Sandiego Jr. Edition
ClueFinders® Search & Solve Adventures™
Compton's Interactive Encyclopedia 1997
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Photo Printer 720
Dell Photo Printer 720 Logger
Dell Picture Studio v3.0
Dell Support Center
DellSupport
Deluxe MM Bible
Digital Line Detect
Diner Dash 2
Disney's Extremely Goofy Skateboarding Preview
exPressit S.E. 2.1
Google Toolbar for Internet Explorer

Here is the Panda Activescan log:

;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-31 16:10:00
PROTECTIONS: 2
MALWARE: 57
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
avast! antivirus 4.8.1201 [VPS 080531-1] 4.8.1201 No Yes
McAfee VirusScan No Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00039204 adware/cws Adware No 0 Yes No hkey_classes_root\iehlprobj.iehlprobj.1
00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.toolbarplugin.1
00041446 application/myway HackTools No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
00041446 application/myway HackTools No 0 Yes No hkey_classes_root\mysearchtoolbar.toolbarplugin
00055522 Eicar.Mod Virus No 0 No No C:\Program Files\StompSoft\Spyware X-terminator\Help.chm[/HowCanITestDetection.html]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.doubleclick.net/]
00142933 Adware/DSSAgent Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[WINDOWS/bbstore/dss/dssagent.exe]
00142933 Adware/DSSAgent Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP585\A0172574.EXE
00145083 adware/mirar Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}
00145083 adware/mirar Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.tradedoubler.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.tribalfusion.com/]
00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.mysearch.com/]
00145758 Cookie/Mysearch TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.mysearch.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.azjmp.com/]
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.perf.overture.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.burstnet.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.www.burstbeacon.com/]
00170549 Cookie/FortuneCity TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.fortunecity.com/]
00170549 Cookie/FortuneCity TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.fortunecity.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.overture.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.adultfriendfinder.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.go.com/]
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.searchportal.information.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.target.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.target.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.target.com/]
00241796 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167837.DLL
00241796 Application/MyWebSearch HackTools No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/mysearch/bar/2.bin/S4PLUGIN.DLL]
00241834 Application/MyWebSearch HackTools No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167834.DLL
00241834 Application/MyWebSearch HackTools No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/mysearch/bar/2.bin/NPMYSRCH.DLL]
00278769 Application/PRScheduler HackTools No 0 Yes No C:\DOCUMENTS AND SETTINGS\GIRLS\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER.EXE
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.ads.addynamix.com/]
00521370 Spyware/Iehelp Spyware No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP585\A0172572.dll
00522961 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Girls\Application Data\Sun\Java\Deployment\cache\6.0\8\6dad9308-785807f2[MagicApplet.class]
00522961 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Girls\Application Data\Sun\Java\Deployment\cache\6.0\8\6dad9308-6938a04b[MagicApplet.class]
00522968 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Girls\Application Data\Sun\Java\Deployment\cache\6.0\8\6dad9308-785807f2[OwnClassLoader.class]
00522968 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Girls\Application Data\Sun\Java\Deployment\cache\6.0\8\6dad9308-6938a04b[OwnClassLoader.class]
00527204 Application/PRScheduler HackTools No 0 Yes No C:\DOCUMENTS AND SETTINGS\GIRLS\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER V3.EXE
00716072 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/SBTV/SBTVHelper.dll]
00901730 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbCoreSrv.dll]
00902199 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbHostOE.dll]
00902206 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbInstIE.dll]
00902341 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbHostOL.dll]
00984992 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbHostIE.dll]
00985682 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbToolbar.dll]
01020628 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167873.dll
01020628 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBSrvPS.dll]
01020699 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBOLExp.dll]
01042717 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167871.dll
01042717 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBOLExt.dll]
01047005 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBUIRes.dll]
01047005 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167876.dll
01047013 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167875.dll
01047013 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBTrayAppPS.dll]
01047019 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBUISkin.dll]
01047019 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167877.dll
01047020 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167861.dll
01047020 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBClientSinkPS.dll]
01190049 Trj/ClassLoader.AF Virus/Trojan No 0 Yes No C:\Documents and Settings\Girls\Application Data\Sun\Java\Deployment\cache\6.0\8\6dad9308-785807f2[Installer.class]
01190049 Trj/ClassLoader.AF Virus/Trojan No 0 Yes No C:\Documents and Settings\Girls\Application Data\Sun\Java\Deployment\cache\6.0\8\6dad9308-6938a04b[Installer.class]
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.enhance.com/]
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Girls\Application Data\Mozilla\Firefox\Profiles\dv2vjcy1.default\cookies.txt[.enhance.com/]
01260840 Trj/Downloader.PME Virus/Trojan No 1 Yes No C:\Documents and Settings\Pam\Local Settings\Application Data\Wildtangent\Cdacache\00\00\10.dat
01260840 Trj/Downloader.PME Virus/Trojan No 1 Yes No C:\Documents and Settings\Pam\Local Settings\Temp\CDASilentInstall0500.exe
01300662 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SbWallpaper.dll]
01692614 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/Redemption.dll]
01692614 Adware/IST Adware No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167860.dll
01692698 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Girls\Application Data\Macromedia\Shockwave Player\xtras\download\TheGrooveAlliance\3DGrooveXtrav181\Groove.x32
02206125 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/Cml.exe]
02412094 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/mysearch/bar/2.bin/S4BAR.DLL]
02892061 Adware/Zango Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/SBTV/SBTV.exe]
02893775 Spyware/Iehelp Spyware No 1 Yes No C:\Program Files\iWin Games\firefox\iWinArcadeLauncher.exe
02917677 Adware/IST Adware No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[Program Files/spamblockerutility/Bin/4.8.4.0/SBInst.exe]
02990320 Application/BoontyGames HackTools No 0 Yes No C:\PROGRAM FILES\COMMON FILES\BOONTY SHARED\SERVICE\BOONTY.EXE
02990522 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\StompSoft\Spyware X-terminator\Quarantine\20080527195357.zip[WINDOWS/xpupdate.exe]
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP579\A0167766.exe
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP579\A0167763.exe
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP579\A0167743.exe
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP579\A0167729.exe
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP581\A0172084.exe
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP581\A0172046.exe
02994886 Trj/Autorun.WQ Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP579\A0167687.exe
02995119 Trj/Agent.IVZ Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0167917.exe
02995207 Trj/Downloader.TUB Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP579\A0167804.exe
02995207 Trj/Downloader.TUB Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP580\A0171965.exe
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location 
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description 
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================


Here is the Malwarebytes Anti-malware Log:

Malwarebytes' Anti-Malware 1.14
Database version: 807

10:38:52 AM 5/31/2008
mbam-log-5-31-2008 (10-38-51).txt

Scan type: Quick Scan
Objects scanned: 65324
Time elapsed: 25 minute(s), 45 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 361
Registry Values Infected: 23
Registry Data Items Infected: 0
Folders Infected: 106
Files Infected: 319

Memory Processes Infected:
C:\Documents and Settings\Girls\cftmon.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:
C:\WINDOWS\system32\baselfgq32.dll (Trojan.Downloader) -> Unloaded module successfully.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mysearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mysearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6cb-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{014da6ca-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{014da6c0-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.deskalertsbho (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.deskalertsbho.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5121b863-fae8-4935-ba76-0abe0239aeca} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.deskalertsenabler (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.deskalertsenabler.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b45e2d97-2a06-4d64-b8cc-89df59d5534c} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.dbtb89568 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.dbtb89568.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.deskalerts (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dbtb89568.deskalerts.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c86ed3c8-2ea9-40d6-bb3b-ff5817b7523c} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0d2727d9-e6d1-4549-be55-5d38e678c1bd} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{20159057-f0d9-4520-8d0e-b117b49fb5d9} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{45a31505-d656-46c8-9719-ea5a4ff3c5f7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{da22665c-9e90-4484-b4ee-6404085ea6db} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1037b06c-84b7-4240-8d80-485810a0497d} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{54b287f9-fd90-4457-b65e-cb91560c021d} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e4c7afc-9915-4036-b7f9-8b3f1710788f} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00b498e3-0543-4624-8fde-1caf89a80550} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00b498e3-0543-4624-8fde-1caf89a80550} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbttoolbar.hbttoolbarctl (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbttoolbar.hbttoolbarctl.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbtoolbar.toolbarctl (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbtoolbar.toolbarctl.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0ab71193-ec19-4d70-85c2-e46e2ff02755} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0004ec-5df0-48c7-a8f0-fbb0488a3d94} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapenvelope (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapenvelope.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmessage.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbthostol.hbtmailanim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbthostol.hbtmailanim.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbhostol.mailanim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbhostol.mailanim.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31a59636-0fa3-4a56-954d-db7ad02840d8} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtcoresrv.lfgax (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtcoresrv.lfgax.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbcoresrv.lfgax (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbcoresrv.lfgax.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fa917b9-df69-477f-9e4f-b60d929de79f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbttoolbar.hbthtmlmenuui (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbttoolbar.hbthtmlmenuui.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbtoolbar.htmlmenuui (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbtoolbar.htmlmenuui.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{420c35c9-e4f2-49f9-bf67-2be1ecf86989} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{460ac4db-b0de-4626-a0f0-175dd84dcb9b} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtools.hbtcommband (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtools.hbtcommband.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerutility.commband (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerutility.commband.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7e66936c-fea0-4984-ad26-7b6661ac5b2e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapclass.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtinstie.hbinstobj (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtinstie.hbinstobj.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbinstie.sbinstobj (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbinstie.sbinstobj.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c875948-9c60-4381-9248-0df180542d53} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asapmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtcoresrv.hbtcoreservices (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtcoresrv.hbtcoreservices.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbcoresrv.coreservices (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbcoresrv.coreservices.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a14c0d8d-e753-4e73-9e2b-4070791d8940} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbthostol.hbtwebmailsend (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbthostol.hbtwebmailsend.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbhostol.webmailsend (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbhostol.webmailsend.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2baa4c9-ae1e-4605-ae2f-a1c49a30d881} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\asapcom.asaprecipients.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerconfig.application (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerconfig.application.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9882035-7745-47c7-8d5e-c11178f9c553} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e678cbdc-d022-41f5-ab21-c43dfd9dfc3e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e678cbdc-d022-41f5-ab21-c43dfd9dfc3e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea232a0a-46f8-4d44-a30b-50321518a828} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea232a0a-46f8-4d44-a30b-50321518a828} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbttools.hbmain (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbttools.hbmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerutility.sbmain (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerutility.sbmain.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ed8525ea-2bfc-4440-bd8a-20efb9d5e541} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtsrv.hbtcoreservices (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbtsrv.hbtcoreservices.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbsrv.coreservices (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sbsrv.coreservices.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fa16bce1-5e36-472a-8466-e0cdd5ce00e6} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{421745e9-16df-4ee4-a758-d51f939c49cb} (Adware.Hotbar) -> Quarantined
  • 0

Advertisements


#2
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello The_Shadow_630, my name is fenzodahl512 and welcome to Geekstogo.. Please do the following..

Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.




NEXT


Please visit below webpage for instructions for downloading and running ComboFix

http://www.bleepingc...to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. DO NOT select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix (located in C:\combofix.txt) when you've accomplished that, along with a new HijackThis log.



Regards
fenzodahl512
  • 0

#3
fenzodahl512

fenzodahl512

  • Malware Removal
  • 9,863 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP